Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/reddit.mjsscript uses theexecfunction to automatically open the system's default web browser to the Reddit OAuth authorization page. It selects the appropriate platform command (openfor macOS,startfor Windows, orxdg-openfor Linux) to facilitate the login process.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes user-generated content from Reddit which may contain adversarial instructions. - Ingestion points: Data is fetched from Reddit via the
getPosts,searchPosts, andgetCommentsfunctions inscripts/reddit.mjs. - Boundary markers: No delimiters or protective instructions are used to distinguish Reddit content from system instructions.
- Capability inventory: The agent can perform write actions including submitting posts, replying to comments, and moderation (remove, approve, lock, sticky).
- Sanitization: Content fetched from external sources is not sanitized or filtered before being presented to the agent context.
Audit Metadata